package com.winit.openapi.interceptor.validator;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Service;

import com.winit.openapi.interceptor.DataParseInterceptor;
import com.winit.openapi.interceptor.validator.impl.BasicRequestHandler;
import com.winit.openapi.interceptor.validator.impl.FxRequestHandler;
import com.winit.openapi.interceptor.validator.impl.OAuth2ClientRequestHandler;
import com.winit.openapi.interceptor.validator.impl.OAuth2UserRequestHandler;
import com.winit.openapi.model.RequestMsg;
import com.winit.openapi.util.RequestUtil;

@Service("apiAuthHandlerHolder")
public class APIRequestHandlerHolder {

    @Resource
    private BasicRequestHandler        basicRequestHandler;
    @Resource
    private FxRequestHandler           fxRequestHandler;
    @Resource
    private OAuth2UserRequestHandler   oAuth2UserRequestHandler;
    @Resource
    private OAuth2ClientRequestHandler oAuth2ClientRequestHandler;

    public void doRequestAuthorization(HttpServletRequest request) {
        RequestMsg requestMsg = RequestUtil.getRequestMsg(request);
        if (requestMsg == null) {
            return;
        }
        // 常规认证处理
        if (StringUtils.isNotEmpty(requestMsg.getApp_key())) {
            basicRequestHandler.doAuth(request);
        }
        if (StringUtils.isNotEmpty(requestMsg.getAuz_app_key())) {
            // 分销用户请求处理
            fxRequestHandler.doAuth(request);
        }
        // 使用OAuth2.0认证的
        if (StringUtils.isNotEmpty(requestMsg.getClient_id()) || StringUtils.isNotEmpty(requestMsg.getClient_sign())) {
            // 使用OAuth2.0授权认证无用户请求处理，主要是调用基础数据API
            oAuth2ClientRequestHandler.doAuth(request);
            if (StringUtils.isNotEmpty(requestMsg.getApp_key())) {
                // 使用OAuth2.0授权认证用户请求处理
                oAuth2UserRequestHandler.doAuth(request);
            }
        }

    }

    public void doRequestDataCheck(HttpServletRequest request) {
        RequestMsg requestMsg = RequestUtil.getRequestMsg(request);
        if (requestMsg == null) {
            return;
        }
        // 常规数据校验
        String action = requestMsg.getAction();
        // 白名单里面和开发者平台的接口无需校验app_key
        if (!DataParseInterceptor.getNo_Check_list().contains(action)) {
            basicRequestHandler.doCheckData(request);
        }
        if (StringUtils.isNotEmpty(requestMsg.getAuz_app_key()) || StringUtils.isNotEmpty(requestMsg.getAuz_sign())) {
            // 分销数据校验
            fxRequestHandler.doCheckData(request);
        }
        // 使用OAuth2.0认证的
        if (StringUtils.isNotEmpty(requestMsg.getClient_id()) || StringUtils.isNotEmpty(requestMsg.getClient_sign())) {
            // 使用OAuth2.0授权认证无用户请求数据校验
            oAuth2ClientRequestHandler.doCheckData(request);
            if (StringUtils.isNotEmpty(requestMsg.getApp_key())) {
                // 使用OAuth2.0授权认证用户数据校验
                oAuth2UserRequestHandler.doCheckData(request);
            }
        }

    }

}
